-
-
Save dennismonsewicz/373d1f74d3c02078630a to your computer and use it in GitHub Desktop.
Sign In As Warden Strategy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# config/initializers/sign_in_as.rb | |
require 'devise/strategies/authenticatable' | |
module Devise | |
module Strategies | |
class SignInAs < Authenticatable | |
include ::SignInAs::RememberContributor | |
def valid? | |
user = User.find_by_id(params[:id]) | |
if user.athlete? | |
contributor_has_access? && (ability.can?(:create, user) || ability.can?(:update, user)) | |
else | |
clear_remembered_contributor_id | |
true | |
end | |
end | |
def authenticate! | |
resource = User.find_by_id params[:id] | |
if resource | |
success!(resource) | |
else | |
fail!("You do not have sufficient access to this account") | |
end | |
end | |
private | |
def contributor_has_access? | |
contributor_user.school_admin? || contributor_user.athlete_contributor? || contributor_user.class.name.eql?("HighSchoolCoach") | |
end | |
def contributor_user | |
User.find(remember_contributor_id) | |
end | |
def ability | |
@ability ||= "::Abilities::#{contributor_user.class.name}Ability".constantize.new(contributor_user) | |
end | |
end | |
end | |
end | |
Warden::Strategies.add(:sign_in_as, Devise::Strategies::SignInAs) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment